July 2017 Portrait of an Imminent Cyberthreat – Cyber attacks on US enterprises and critical infrastructure are coming soon, according to some of the industry’s most experienced and highly informed security professionals. And in most cases, defenders are not prepared.
“Most information security professionals believe that the US critical infrastructure will be breached by a cyber attack within the next two years. Most also believe that their own enterprises will be breached in the next 12 months. And most believe that the defenders of those infrastructures are not ready to respond. These are some of the conclusions drawn by 580 respondents to the 2017 Black Hat Attendee Survey, a poll of top-level cybersecurity professionals who have attended the annual Black Hat USA conference in the last two years. Black Hat, a forum that features some of the most advanced security research in the world, is a destination for discussion among the industry’s most experienced information security pros, including leading ethical hackers, IT security management, and technology developers. The survey results offer a dark picture of tomorrow’s cyber defenses, which are being increasingly tested by sophisticated hacking and social engineering exploits, including ransomware worms such as WannaCry and nation-state-sponsored hacks such as those emanating from Russia and North Korea. In essence, the survey is a warning from the industry’s most experienced and responsible IT security professionals that successful cyber attacks on essential infrastructure and business could be imminent, but defenders do not have the resources and training they need to efficiently respond. The 2017 Black Hat Attendee Survey also polled cybersecurity professionals on their attitudes, concerns, and strategic plans for the coming year. We looked at the threats they are facing, their budgets and staffing plans, and their feelings about the latest developments in cyberspace…”